Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b8ff95a69583985abff3f855a28eb9e1_JaffaCakes118
-
Size
420KB
-
Sample
240822-y1q8gsycmk
-
MD5
b8ff95a69583985abff3f855a28eb9e1
-
SHA1
f207ef5b03687cf9584855c3a2caf891b3a9771c
-
SHA256
0ee1ed5e60d5057e77a3593d70b1fb29758523907c9c01ea982e833212b890f3
-
SHA512
24a5d24c706c8743a89012a2177d81be01949a100dec1f915cb41f35d76a460ca76a3e3a0146493ee64fa8e2726b629d3d5e538e28f1a69ca9c5a75ebe4def8f
-
SSDEEP
6144:FwW/jqFk7qFoQudlhiP5+6yCtfGiIpZFGd:Ffw2QudeYrfFo
Malware Config
Targets
-
-
Target
b8ff95a69583985abff3f855a28eb9e1_JaffaCakes118
-
Size
420KB
-
MD5
b8ff95a69583985abff3f855a28eb9e1
-
SHA1
f207ef5b03687cf9584855c3a2caf891b3a9771c
-
SHA256
0ee1ed5e60d5057e77a3593d70b1fb29758523907c9c01ea982e833212b890f3
-
SHA512
24a5d24c706c8743a89012a2177d81be01949a100dec1f915cb41f35d76a460ca76a3e3a0146493ee64fa8e2726b629d3d5e538e28f1a69ca9c5a75ebe4def8f
-
SSDEEP
6144:FwW/jqFk7qFoQudlhiP5+6yCtfGiIpZFGd:Ffw2QudeYrfFo
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2